Stage 6

src/core/core_banned_word.erl

@@ -0,0 +1,85 @@
+-module(core_banned_word).
+-include("records.hrl").
+
+-export([add/1, remove/1, list_all/0, is_banned/1]).
+-export([check_text/1, filter_text/1]).
+
+%% Добавить слово в бан-лист
+add(Word) when is_binary(Word) ->
+  WordLower = string:lowercase(Word),
+  case is_banned(WordLower) of
+    true -> {error, already_exists};
+    false ->
+      BannedWord = #banned_word{
+        id = generate_id(),
+        word = WordLower
+      },
+      F = fun() ->
+        mnesia:write(BannedWord),
+        {ok, BannedWord}
+          end,
+      case mnesia:transaction(F) of
+        {atomic, Result} -> Result;
+        {aborted, Reason} -> {error, Reason}
+      end
+  end.
+
+%% Удалить слово из бан-листа
+remove(Word) when is_binary(Word) ->
+  WordLower = string:lowercase(Word),
+  Match = #banned_word{word = WordLower, _ = '_'},
+  case mnesia:dirty_match_object(Match) of
+    [] -> {error, not_found};
+    [BannedWord] ->
+      F = fun() ->
+        mnesia:delete_object(BannedWord),
+        {ok, removed}
+          end,
+      case mnesia:transaction(F) of
+        {atomic, Result} -> Result;
+        {aborted, Reason} -> {error, Reason}
+      end
+  end.
+
+%% Список всех запрещённых слов
+list_all() ->
+  Match = #banned_word{_ = '_'},
+  Words = mnesia:dirty_match_object(Match),
+  {ok, [W#banned_word.word || W <- Words]}.
+
+%% Проверить, является ли слово запрещённым
+is_banned(Word) when is_binary(Word) ->
+  WordLower = string:lowercase(Word),
+  Match = #banned_word{word = WordLower, _ = '_'},
+  case mnesia:dirty_match_object(Match) of
+    [] -> false;
+    _ -> true
+  end.
+
+%% Проверить текст на наличие запрещённых слов
+check_text(Text) when is_binary(Text) ->
+  TextLower = string:lowercase(Text),
+  Words = string:split(TextLower, " ", all),
+  {ok, BannedWords} = list_all(),
+  lists:any(fun(W) -> lists:member(W, BannedWords) end, Words).
+
+%% Отфильтровать запрещённые слова (заменить на ***)
+filter_text(Text) when is_binary(Text) ->
+  {ok, BannedWords} = list_all(),
+  Words = binary:split(Text, <<" ">>, [global]),
+  Filtered = lists:map(fun(W) ->
+    case lists:member(string:lowercase(W), BannedWords) of
+      true -> <<"***">>;
+      false -> W
+    end
+                       end, Words),
+  iolist_to_binary(join_binary(Filtered, <<" ">>)).
+
+join_binary([], _) -> [];
+join_binary([H], _) -> [H];
+join_binary([H|T], Sep) ->
+  [H, Sep | join_binary(T, Sep)].
+
+%% Внутренние функции
+generate_id() ->
+  base64:encode(crypto:strong_rand_bytes(16), #{mode => urlsafe, padding => false}).

src/core/core_report.erl

@@ -0,0 +1,88 @@
+-module(core_report).
+-include("records.hrl").
+
+-export([create/4, get_by_id/1, list_by_target/2, list_by_reporter/1, list_all/0]).
+-export([update_status/3, get_count_by_target/2]).
+-export([generate_id/0]).
+
+%% Создание жалобы
+create(ReporterId, TargetType, TargetId, Reason) ->
+  Id = generate_id(),
+  Report = #report{
+    id = Id,
+    reporter_id = ReporterId,
+    target_type = TargetType,
+    target_id = TargetId,
+    reason = Reason,
+    status = pending,
+    created_at = calendar:universal_time(),
+    resolved_at = undefined,
+    resolved_by = undefined
+  },
+
+  F = fun() ->
+    mnesia:write(Report),
+    {ok, Report}
+      end,
+
+  case mnesia:transaction(F) of
+    {atomic, Result} -> Result;
+    {aborted, Reason} -> {error, Reason}
+  end.
+
+%% Получение жалобы по ID
+get_by_id(Id) ->
+  case mnesia:dirty_read(report, Id) of
+    [] -> {error, not_found};
+    [Report] -> {ok, Report}
+  end.
+
+%% Список жалоб на цель
+list_by_target(TargetType, TargetId) ->
+  Match = #report{target_type = TargetType, target_id = TargetId, _ = '_'},
+  Reports = mnesia:dirty_match_object(Match),
+  {ok, Reports}.
+
+%% Список жалоб от пользователя
+list_by_reporter(ReporterId) ->
+  Match = #report{reporter_id = ReporterId, _ = '_'},
+  Reports = mnesia:dirty_match_object(Match),
+  {ok, Reports}.
+
+%% Список всех жалоб (для админов)
+list_all() ->
+  Match = #report{_ = '_'},
+  Reports = mnesia:dirty_match_object(Match),
+  {ok, Reports}.
+
+%% Обновление статуса жалобы
+update_status(Id, Status, ResolvedBy) when Status =:= reviewed; Status =:= dismissed ->
+  F = fun() ->
+    case mnesia:read(report, Id) of
+      [] ->
+        {error, not_found};
+      [Report] ->
+        Updated = Report#report{
+          status = Status,
+          resolved_at = calendar:universal_time(),
+          resolved_by = ResolvedBy
+        },
+        mnesia:write(Updated),
+        {ok, Updated}
+    end
+      end,
+
+  case mnesia:transaction(F) of
+    {atomic, Result} -> Result;
+    {aborted, Reason} -> {error, Reason}
+  end.
+
+%% Получить количество жалоб на цель
+get_count_by_target(TargetType, TargetId) ->
+  Match = #report{target_type = TargetType, target_id = TargetId, status = pending, _ = '_'},
+  Reports = mnesia:dirty_match_object(Match),
+  length(Reports).
+
+%% Внутренние функции
+generate_id() ->
+  base64:encode(crypto:strong_rand_bytes(16), #{mode => urlsafe, padding => false}).

src/eventhub_app.erl

@@ -43,7 +43,13 @@ start_http() ->
       {"/v1/bookings/:id", handler_booking_by_id, []},
       {"/v1/reviews", handler_reviews, []},
       {"/v1/reviews/:id", handler_review_by_id, []},
-      {"/v1/admin/reviews/:id", handler_admin_reviews, []}
+      {"/v1/reports", handler_reports, []},
+      {"/v1/admin/reports", handler_reports, []},
+      {"/v1/admin/reports/:id", handler_report_by_id, []},
+      {"/v1/admin/reviews/:id", handler_admin_reviews, []},
+      {"/v1/admin/banned-words", handler_banned_words, []},
+      {"/v1/admin/banned-words/:word", handler_banned_words, []},
+      {"/v1/admin/:target_type/:id", handler_admin_moderation, []}
     ]}
   ]),
 

src/handlers/handler_admin_moderation.erl

@@ -0,0 +1,130 @@
+-module(handler_admin_moderation).
+-include("records.hrl").
+
+-export([init/2]).
+
+init(Req, Opts) ->
+  handle(Req, Opts).
+
+handle(Req, _Opts) ->
+  case cowboy_req:method(Req) of
+    <<"PUT">> -> moderate(Req);
+    _ -> send_error(Req, 405, <<"Method not allowed">>)
+  end.
+
+%% PUT /v1/admin/:target_type/:id - заморозка/разморозка
+moderate(Req) ->
+  case handler_auth:authenticate(Req) of
+    {ok, AdminId, Req1} ->
+      TargetTypeBin = cowboy_req:binding(target_type, Req1),
+      TargetId = cowboy_req:binding(id, Req1),
+      TargetType = parse_target_type(TargetTypeBin),
+      {ok, Body, Req2} = cowboy_req:read_body(Req1),
+      try jsx:decode(Body, [return_maps]) of
+        #{<<"action">> := Action} ->
+          case {TargetType, Action} of
+            {calendar, <<"freeze">>} ->
+              case logic_moderation:freeze_calendar(AdminId, TargetId) of
+                {ok, Calendar} ->
+                  send_json(Req2, 200, calendar_to_json(Calendar));
+                {error, access_denied} ->
+                  send_error(Req2, 403, <<"Admin access required">>);
+                {error, not_found} ->
+                  send_error(Req2, 404, <<"Calendar not found">>);
+                {error, _} ->
+                  send_error(Req2, 500, <<"Internal server error">>)
+              end;
+            {calendar, <<"unfreeze">>} ->
+              case logic_moderation:unfreeze_calendar(AdminId, TargetId) of
+                {ok, Calendar} ->
+                  send_json(Req2, 200, calendar_to_json(Calendar));
+                {error, access_denied} ->
+                  send_error(Req2, 403, <<"Admin access required">>);
+                {error, not_found} ->
+                  send_error(Req2, 404, <<"Calendar not found">>);
+                {error, _} ->
+                  send_error(Req2, 500, <<"Internal server error">>)
+              end;
+            {event, <<"freeze">>} ->
+              case logic_moderation:freeze_event(AdminId, TargetId) of
+                {ok, Event} ->
+                  send_json(Req2, 200, event_to_json(Event));
+                {error, access_denied} ->
+                  send_error(Req2, 403, <<"Admin access required">>);
+                {error, not_found} ->
+                  send_error(Req2, 404, <<"Event not found">>);
+                {error, _} ->
+                  send_error(Req2, 500, <<"Internal server error">>)
+              end;
+            {event, <<"unfreeze">>} ->
+              case logic_moderation:unfreeze_event(AdminId, TargetId) of
+                {ok, Event} ->
+                  send_json(Req2, 200, event_to_json(Event));
+                {error, access_denied} ->
+                  send_error(Req2, 403, <<"Admin access required">>);
+                {error, not_found} ->
+                  send_error(Req2, 404, <<"Event not found">>);
+                {error, _} ->
+                  send_error(Req2, 500, <<"Internal server error">>)
+              end;
+            _ ->
+              send_error(Req2, 400, <<"Invalid target_type or action">>)
+          end;
+        _ ->
+          send_error(Req2, 400, <<"Missing action field">>)
+      catch
+        _:_ ->
+          send_error(Req2, 400, <<"Invalid JSON format">>)
+      end;
+    {error, Code, Message, Req1} ->
+      send_error(Req1, Code, Message)
+  end.
+
+%% Вспомогательные функции
+parse_target_type(<<"calendars">>) -> calendar;
+parse_target_type(<<"events">>) -> event;
+parse_target_type(_) -> undefined.
+
+calendar_to_json(Calendar) ->
+  #{
+    id => Calendar#calendar.id,
+    owner_id => Calendar#calendar.owner_id,
+    title => Calendar#calendar.title,
+    description => Calendar#calendar.description,
+    type => Calendar#calendar.type,
+    tags => Calendar#calendar.tags,
+    status => Calendar#calendar.status,
+    rating_avg => Calendar#calendar.rating_avg,
+    rating_count => Calendar#calendar.rating_count,
+    created_at => datetime_to_iso8601(Calendar#calendar.created_at),
+    updated_at => datetime_to_iso8601(Calendar#calendar.updated_at)
+  }.
+
+event_to_json(Event) ->
+  #{
+    id => Event#event.id,
+    calendar_id => Event#event.calendar_id,
+    title => Event#event.title,
+    description => Event#event.description,
+    event_type => Event#event.event_type,
+    start_time => datetime_to_iso8601(Event#event.start_time),
+    duration => Event#event.duration,
+    status => Event#event.status,
+    tags => Event#event.tags,
+    rating_avg => Event#event.rating_avg,
+    rating_count => Event#event.rating_count,
+    created_at => datetime_to_iso8601(Event#event.created_at),
+    updated_at => datetime_to_iso8601(Event#event.updated_at)
+  }.
+
+datetime_to_iso8601({{Year, Month, Day}, {Hour, Minute, Second}}) ->
+  iolist_to_binary(io_lib:format("~4..0B-~2..0B-~2..0BT~2..0B:~2..0B:~2..0BZ",
+    [Year, Month, Day, Hour, Minute, Second])).
+
+send_json(Req, Status, Data) ->
+  Body = jsx:encode(Data),
+  cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req).
+
+send_error(Req, Status, Message) ->
+  Body = jsx:encode(#{error => Message}),
+  cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req).

src/handlers/handler_banned_words.erl

@@ -0,0 +1,86 @@
+-module(handler_banned_words).
+-include("records.hrl").
+
+-export([init/2]).
+
+init(Req, Opts) ->
+  handle(Req, Opts).
+
+handle(Req, _Opts) ->
+  case cowboy_req:method(Req) of
+    <<"GET">> -> list_banned_words(Req);
+    <<"POST">> -> add_banned_word(Req);
+    <<"DELETE">> -> remove_banned_word(Req);
+    _ -> send_error(Req, 405, <<"Method not allowed">>)
+  end.
+
+%% GET /v1/admin/banned-words - список запрещённых слов
+list_banned_words(Req) ->
+  case handler_auth:authenticate(Req) of
+    {ok, AdminId, Req1} ->
+      case logic_moderation:list_banned_words(AdminId) of
+        {ok, Words} ->
+          send_json(Req1, 200, Words);
+        {error, access_denied} ->
+          send_error(Req1, 403, <<"Admin access required">>);
+        {error, _} ->
+          send_error(Req1, 500, <<"Internal server error">>)
+      end;
+    {error, Code, Message, Req1} ->
+      send_error(Req1, Code, Message)
+  end.
+
+%% POST /v1/admin/banned-words - добавить запрещённое слово
+add_banned_word(Req) ->
+  case handler_auth:authenticate(Req) of
+    {ok, AdminId, Req1} ->
+      {ok, Body, Req2} = cowboy_req:read_body(Req1),
+      try jsx:decode(Body, [return_maps]) of
+        #{<<"word">> := Word} ->
+          case logic_moderation:add_banned_word(AdminId, Word) of
+            {ok, _} ->
+              send_json(Req2, 201, #{word => Word, status => <<"added">>});
+            {error, already_exists} ->
+              send_error(Req2, 409, <<"Word already exists">>);
+            {error, access_denied} ->
+              send_error(Req2, 403, <<"Admin access required">>);
+            {error, _} ->
+              send_error(Req2, 500, <<"Internal server error">>)
+          end;
+        _ ->
+          send_error(Req2, 400, <<"Missing 'word' field">>)
+      catch
+        _:_ ->
+          send_error(Req2, 400, <<"Invalid JSON format">>)
+      end;
+    {error, Code, Message, Req1} ->
+      send_error(Req1, Code, Message)
+  end.
+
+%% DELETE /v1/admin/banned-words - удалить запрещённое слово
+remove_banned_word(Req) ->
+  case handler_auth:authenticate(Req) of
+    {ok, AdminId, Req1} ->
+      Word = cowboy_req:binding(word, Req1),
+      case logic_moderation:remove_banned_word(AdminId, Word) of
+        {ok, removed} ->
+          send_json(Req1, 200, #{word => Word, status => <<"removed">>});
+        {error, not_found} ->
+          send_error(Req1, 404, <<"Word not found">>);
+        {error, access_denied} ->
+          send_error(Req1, 403, <<"Admin access required">>);
+        {error, _} ->
+          send_error(Req1, 500, <<"Internal server error">>)
+      end;
+    {error, Code, Message, Req1} ->
+      send_error(Req1, Code, Message)
+  end.
+
+%% Вспомогательные функции
+send_json(Req, Status, Data) ->
+  Body = jsx:encode(Data),
+  cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req).
+
+send_error(Req, Status, Message) ->
+  Body = jsx:encode(#{error => Message}),
+  cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req).

src/handlers/handler_report_by_id.erl

@@ -0,0 +1,83 @@
+-module(handler_report_by_id).
+-include("records.hrl").
+
+-export([init/2]).
+
+init(Req, Opts) ->
+  handle(Req, Opts).
+
+handle(Req, _Opts) ->
+  case cowboy_req:method(Req) of
+    <<"PUT">> -> resolve_report(Req);
+    _ -> send_error(Req, 405, <<"Method not allowed">>)
+  end.
+
+%% PUT /v1/admin/reports/:id - рассмотрение жалобы
+resolve_report(Req) ->
+  case handler_auth:authenticate(Req) of
+    {ok, AdminId, Req1} ->
+      ReportId = cowboy_req:binding(id, Req1),
+      {ok, Body, Req2} = cowboy_req:read_body(Req1),
+      try jsx:decode(Body, [return_maps]) of
+        #{<<"action">> := Action} ->
+          ActionAtom = case Action of
+                         <<"review">> -> reviewed;
+                         <<"dismiss">> -> dismissed;
+                         _ -> undefined
+                       end,
+          case ActionAtom of
+            undefined ->
+              send_error(Req2, 400, <<"Invalid action. Use 'review' or 'dismiss'">>);
+            _ ->
+              case logic_moderation:resolve_report(AdminId, ReportId, ActionAtom) of
+                {ok, Report} ->
+                  Response = report_to_json(Report),
+                  send_json(Req2, 200, Response);
+                {error, access_denied} ->
+                  send_error(Req2, 403, <<"Admin access required">>);
+                {error, already_resolved} ->
+                  send_error(Req2, 409, <<"Report already resolved">>);
+                {error, not_found} ->
+                  send_error(Req2, 404, <<"Report not found">>);
+                {error, _} ->
+                  send_error(Req2, 500, <<"Internal server error">>)
+              end
+          end;
+        _ ->
+          send_error(Req2, 400, <<"Missing action field">>)
+      catch
+        _:_ ->
+          send_error(Req2, 400, <<"Invalid JSON format">>)
+      end;
+    {error, Code, Message, Req1} ->
+      send_error(Req1, Code, Message)
+  end.
+
+%% Вспомогательные функции
+report_to_json(Report) ->
+  #{
+    id => Report#report.id,
+    reporter_id => Report#report.reporter_id,
+    target_type => Report#report.target_type,
+    target_id => Report#report.target_id,
+    reason => Report#report.reason,
+    status => Report#report.status,
+    created_at => datetime_to_iso8601(Report#report.created_at),
+    resolved_at => case Report#report.resolved_at of
+                     undefined -> null;
+                     Dt -> datetime_to_iso8601(Dt)
+                   end,
+    resolved_by => Report#report.resolved_by
+  }.
+
+datetime_to_iso8601({{Year, Month, Day}, {Hour, Minute, Second}}) ->
+  iolist_to_binary(io_lib:format("~4..0B-~2..0B-~2..0BT~2..0B:~2..0B:~2..0BZ",
+    [Year, Month, Day, Hour, Minute, Second])).
+
+send_json(Req, Status, Data) ->
+  Body = jsx:encode(Data),
+  cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req).
+
+send_error(Req, Status, Message) ->
+  Body = jsx:encode(#{error => Message}),
+  cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req).

src/handlers/handler_reports.erl

@@ -0,0 +1,113 @@
+-module(handler_reports).
+-include("records.hrl").
+
+-export([init/2]).
+
+init(Req, Opts) ->
+  handle(Req, Opts).
+
+handle(Req, _Opts) ->
+  case cowboy_req:method(Req) of
+    <<"POST">> -> create_report(Req);
+    <<"GET">> -> list_reports(Req);
+    _ -> send_error(Req, 405, <<"Method not allowed">>)
+  end.
+
+%% POST /v1/reports - создание жалобы
+create_report(Req) ->
+  case handler_auth:authenticate(Req) of
+    {ok, UserId, Req1} ->
+      {ok, Body, Req2} = cowboy_req:read_body(Req1),
+      try jsx:decode(Body, [return_maps]) of
+        Decoded when is_map(Decoded) ->
+          case Decoded of
+            #{<<"target_type">> := TargetTypeBin,
+              <<"target_id">> := TargetId,
+              <<"reason">> := Reason} ->
+              TargetType = parse_target_type(TargetTypeBin),
+              case logic_moderation:create_report(UserId, TargetType, TargetId, Reason) of
+                {ok, Report} ->
+                  Response = report_to_json(Report),
+                  send_json(Req2, 201, Response);
+                {error, target_not_found} ->
+                  send_error(Req2, 404, <<"Target not found">>);
+                {error, _} ->
+                  send_error(Req2, 500, <<"Internal server error">>)
+              end;
+            _ ->
+              send_error(Req2, 400, <<"Missing required fields">>)
+          end;
+        _ ->
+          send_error(Req2, 400, <<"Invalid JSON">>)
+      catch
+        _:_ ->
+          send_error(Req2, 400, <<"Invalid JSON format">>)
+      end;
+    {error, Code, Message, Req1} ->
+      send_error(Req1, Code, Message)
+  end.
+
+%% GET /v1/admin/reports - список всех жалоб (админ)
+list_reports(Req) ->
+  case handler_auth:authenticate(Req) of
+    {ok, AdminId, Req1} ->
+      Qs = cowboy_req:parse_qs(Req1),
+      case {proplists:get_value(<<"target_type">>, Qs), proplists:get_value(<<"target_id">>, Qs)} of
+        {undefined, _} ->
+          case logic_moderation:get_reports(AdminId) of
+            {ok, Reports} ->
+              Response = [report_to_json(R) || R <- Reports],
+              send_json(Req1, 200, Response);
+            {error, access_denied} ->
+              send_error(Req1, 403, <<"Admin access required">>);
+            {error, _} ->
+              send_error(Req1, 500, <<"Internal server error">>)
+          end;
+        {TargetTypeBin, TargetId} ->
+          TargetType = parse_target_type(TargetTypeBin),
+          case logic_moderation:get_reports_by_target(AdminId, TargetType, TargetId) of
+            {ok, Reports} ->
+              Response = [report_to_json(R) || R <- Reports],
+              send_json(Req1, 200, Response);
+            {error, access_denied} ->
+              send_error(Req1, 403, <<"Admin access required">>);
+            {error, _} ->
+              send_error(Req1, 500, <<"Internal server error">>)
+          end
+      end;
+    {error, Code, Message, Req1} ->
+      send_error(Req1, Code, Message)
+  end.
+
+%% Вспомогательные функции
+parse_target_type(<<"event">>) -> event;
+parse_target_type(<<"calendar">>) -> calendar;
+parse_target_type(_) -> undefined.
+
+report_to_json(Report) ->
+  #{
+    id => Report#report.id,
+    reporter_id => Report#report.reporter_id,
+    target_type => Report#report.target_type,
+    target_id => Report#report.target_id,
+    reason => Report#report.reason,
+    status => Report#report.status,
+    created_at => datetime_to_iso8601(Report#report.created_at),
+    resolved_at => case Report#report.resolved_at of
+                     undefined -> null;
+                     Dt -> datetime_to_iso8601(Dt)
+                   end,
+    resolved_by => Report#report.resolved_by
+  }.
+
+datetime_to_iso8601({{Year, Month, Day}, {Hour, Minute, Second}}) ->
+  iolist_to_binary(io_lib:format("~4..0B-~2..0B-~2..0BT~2..0B:~2..0B:~2..0BZ",
+    [Year, Month, Day, Hour, Minute, Second])).
+
+send_json(Req, Status, Data) ->
+  Body = jsx:encode(Data),
+  cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req).
+
+send_error(Req, Status, Message) ->
+  Body = jsx:encode(#{error => Message}),
+  cowboy_req:reply(Status, #{<<"content-type">> => <<"application/json">>}, Body, Req).

src/logic/logic_moderation.erl

@@ -0,0 +1,180 @@
+-module(logic_moderation).
+-include("records.hrl").
+
+-export([create_report/4, get_reports/1, get_reports_by_target/3, resolve_report/3]).
+-export([add_banned_word/2, remove_banned_word/2, list_banned_words/1]).
+-export([check_content/1, auto_moderate/1]).
+-export([freeze_calendar/2, unfreeze_calendar/2, freeze_event/2, unfreeze_event/2]).
+
+-define(REPORT_THRESHOLD, 3).  % Количество жалоб для авто-заморозки
+
+%% ============ Жалобы ============
+
+%% Создание жалобы
+create_report(ReporterId, TargetType, TargetId, Reason) ->
+  case target_exists(TargetType, TargetId) of
+    true ->
+      case core_report:create(ReporterId, TargetType, TargetId, Reason) of
+        {ok, Report} ->
+          % Проверяем порог для авто-модерации
+          check_auto_freeze(TargetType, TargetId),
+          {ok, Report};
+        Error -> Error
+      end;
+    false -> {error, target_not_found}
+  end.
+
+%% Получить все жалобы (для админа)
+get_reports(AdminId) ->
+  case is_admin(AdminId) of
+    true -> core_report:list_all();
+    false -> {error, access_denied}
+  end.
+
+%% Получить жалобы на конкретную цель
+get_reports_by_target(AdminId, TargetType, TargetId) ->
+  case is_admin(AdminId) of
+    true -> core_report:list_by_target(TargetType, TargetId);
+    false -> {error, access_denied}
+  end.
+
+%% Рассмотреть жалобу (подтвердить или отклонить)
+resolve_report(AdminId, ReportId, Action) when Action =:= reviewed; Action =:= dismissed ->
+  case is_admin(AdminId) of
+    true ->
+      case core_report:get_by_id(ReportId) of
+        {ok, Report} ->
+          case Report#report.status of
+            pending ->
+              core_report:update_status(ReportId, Action, AdminId);
+            _ -> {error, already_resolved}
+          end;
+        Error -> Error
+      end;
+    false -> {error, access_denied}
+  end.
+
+%% Проверка порога для авто-заморозки
+check_auto_freeze(TargetType, TargetId) ->
+  Count = core_report:get_count_by_target(TargetType, TargetId),
+  if Count >= ?REPORT_THRESHOLD ->
+    auto_freeze(TargetType, TargetId);
+    true -> ok
+  end.
+
+auto_freeze(event, EventId) ->
+  case core_event:get_by_id(EventId) of
+    {ok, Event} when Event#event.status =:= active ->
+      core_event:update(EventId, [{status, frozen}]);
+    _ -> ok
+  end;
+auto_freeze(calendar, CalendarId) ->
+  case core_calendar:get_by_id(CalendarId) of
+    {ok, Calendar} when Calendar#calendar.status =:= active ->
+      core_calendar:update(CalendarId, [{status, frozen}]);
+    _ -> ok
+  end;
+auto_freeze(_, _) -> ok.
+
+%% ============ Бан-лист ============
+
+%% Добавить запрещённое слово
+add_banned_word(AdminId, Word) ->
+  case is_admin(AdminId) of
+    true -> core_banned_word:add(Word);
+    false -> {error, access_denied}
+  end.
+
+%% Удалить запрещённое слово
+remove_banned_word(AdminId, Word) ->
+  case is_admin(AdminId) of
+    true -> core_banned_word:remove(Word);
+    false -> {error, access_denied}
+  end.
+
+%% Список запрещённых слов
+list_banned_words(AdminId) ->
+  case is_admin(AdminId) of
+    true -> core_banned_word:list_all();
+    false -> {error, access_denied}
+  end.
+
+%% ============ Контент-фильтр ============
+
+%% Проверить контент на запрещённые слова
+check_content(Text) ->
+  core_banned_word:check_text(Text).
+
+%% Автоматическая модерация контента (замена запрещённых слов)
+auto_moderate(Text) ->
+  core_banned_word:filter_text(Text).
+
+%% ============ Заморозка/разморозка ============
+
+%% Заморозить календарь
+freeze_calendar(AdminId, CalendarId) ->
+  case is_admin(AdminId) of
+    true ->
+      case core_calendar:get_by_id(CalendarId) of
+        {ok, Calendar} ->
+          core_calendar:update(CalendarId, [{status, frozen}]);
+        Error -> Error
+      end;
+    false -> {error, access_denied}
+  end.
+
+%% Разморозить календарь
+unfreeze_calendar(AdminId, CalendarId) ->
+  case is_admin(AdminId) of
+    true ->
+      case core_calendar:get_by_id(CalendarId) of
+        {ok, Calendar} ->
+          core_calendar:update(CalendarId, [{status, active}]);
+        Error -> Error
+      end;
+    false -> {error, access_denied}
+  end.
+
+%% Заморозить событие
+freeze_event(AdminId, EventId) ->
+  case is_admin(AdminId) of
+    true ->
+      case core_event:get_by_id(EventId) of
+        {ok, Event} ->
+          core_event:update(EventId, [{status, frozen}]);
+        Error -> Error
+      end;
+    false -> {error, access_denied}
+  end.
+
+%% Разморозить событие
+unfreeze_event(AdminId, EventId) ->
+  case is_admin(AdminId) of
+    true ->
+      case core_event:get_by_id(EventId) of
+        {ok, Event} ->
+          core_event:update(EventId, [{status, active}]);
+        Error -> Error
+      end;
+    false -> {error, access_denied}
+  end.
+
+%% ============ Вспомогательные функции ============
+
+target_exists(event, EventId) ->
+  case core_event:get_by_id(EventId) of
+    {ok, _} -> true;
+    _ -> false
+  end;
+target_exists(calendar, CalendarId) ->
+  case core_calendar:get_by_id(CalendarId) of
+    {ok, _} -> true;
+    _ -> false
+  end;  % ← точка с запятой здесь!
+target_exists(_, _) -> false.
+
+is_admin(UserId) ->
+  case core_user:get_by_id(UserId) of
+    {ok, User} -> User#user.role =:= admin;
+    _ -> false
+  end.